Secure key storage and distribution
Abstract
This disclosure describes a distributed, fault-tolerant security system that enables the secure storage and distribution of private keys. In one implementation, the security system includes a plurality of computing resources that independently store private keys provided by publishers and encrypted using a single security system public key. To protect against malicious activity, the security system private key necessary to decrypt the publication private keys is not stored at any of the computing resources. Rather, portions, or shares, of the security system private key are stored at each of the computing resources within the security system, and multiple security systems must communicate and share partial decryptions in order to decrypt the stored private key.
- Inventors:
- Issue Date:
- Research Org.: Washington State Univ., Pullman, WA (United States)
- Sponsoring Org.: USDOE
- OSTI Identifier: 1183337
- Patent Number(s): 9049011
- Application Number: 13/967,029
- Assignee: Washington State University (Pullman, WA)
- Patent Classifications (CPCs): H - ELECTRICITY; H04 - ELECTRIC COMMUNICATION TECHNIQUE; H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- DOE Contract Number: OE0000097
- Resource Type: Patent
- Country of Publication: United States
- Language: English
- Subject: 97 MATHEMATICS AND COMPUTING; 99 GENERAL AND MISCELLANEOUS
Citation Formats
Agrawal, Punit. Secure key storage and distribution. United States: N. p., 2015. Web.
Agrawal, Punit. Secure key storage and distribution. United States.
Agrawal, Punit. Tue . "Secure key storage and distribution". United States. https://www.osti.gov/servlets/purl/1183337.
@article{osti_1183337,
title = {Secure key storage and distribution},
author = {Agrawal, Punit},
abstractNote = {This disclosure describes a distributed, fault-tolerant security system that enables the secure storage and distribution of private keys. In one implementation, the security system includes a plurality of computing resources that independently store private keys provided by publishers and encrypted using a single security system public key. To protect against malicious activity, the security system private key necessary to decrypt the publication private keys is not stored at any of the computing resources. Rather portions, or shares of the security system private key are stored at each of the computing resources within the security system and multiple security systems must communicate and share partial decryptions in order to decrypt the stored private key.},
doi = {},
journal = {},
number = {},
volume = {},
place = {United States},
year = {2015},
month = {6}
}